Source code to be protected, a software application writer's private key, along with an application writer's license, are provided to the first computer. The application writer's license includes identifying information such as the application writer's name as well as the application writer's public key. A compiler program executed by the first computer compiles the source code into binary code, and computes a message digest for the binary code. The first computer then encrypts the message digest using the application writer's private key, such that the encrypted message digest is defined as a digital "signature" of the application writer. A software passport is then generated which includes the application writer's digital signature, the application writer's license and the binary code. The software passport is then distributed to a user using any number of software distribution models known in the industry. A user, upon receipt of the software passport, loads the passport into a computer which determines whether the software passport includes the application writer's license and digital signature. In the event that the software passport does not include the application writer's license, or the application writer's digital signature, then the user's computer system discards the software passport and does not execute the binary code. As an additional security step, the user's computer computes a second message digest for the software passport and compares it to the first message digest, such that if the first and second message digests are not equal, the software passport is also rejected by the user's computer and the code is not executed. If the first and second message digests are equal, the user's computer extracts the application writer's public key from the application writer's license for verification. The application writer's digital signature is decrypted using the application writer's public key. The user's computer then compares a message digest of the binary code to be executed with the decrypted application writer's digital signature, such that if they are equal, the user's computer executes the binary code.



FIG. 7 
BACKGROUND OF THE INVENTION

1. Field of the Invention:

The present invention relates to the use of public key encryption, and more particularly, the present invention relates to the use of public key encryption to achieve enhanced security and product authentication in the distribution of software.

2. Art Background:

Public key encryption is based on encryption algorithms that have two keys. One key is used for encryption, and the other key is used for decryption. There is a known algorithm that computes the second key given the first. However, without full knowledge of all the parameters, one cannot compute the first key given the second key. The first key is referred to as the "private key", and the second key is referred to as the "public key". In practice, either the private key or the public key may be used to encrypt a message, with the opposite key used to decrypt it. In general, the private key must be kept private, but the public key may be provided to anyone. A variety of public key cryptographic schemes have been developed for the protection of messages and data (see Whitfield Diffie, "The First Ten Years of Public Key Cryptography" (IEEE Proceedings, Vol. 76, No. 5, 1988) and Fahn, "Answers to Frequently Asked Questions about Today's Cryptography" (RSA Laboratories, 1992)).

Public key cryptography is used to send secure messages across public communication links on which an intruder may eavesdrop, and solves the problem of sending the encryption password to the other side securely.

Public key systems may also be used to encrypt messages, and also to effectively sign messages, allowing the receiving party to authenticate the sender of the message. One can also use public key cryptography to seal or render tamper-proof a piece of data. In such event, the sender computes a message digest from the data using specially designed cryptographically strong digests designed for this purpose. The sender then uses the private key to encrypt the message digest, wherein this encrypted message digest is called a digital "signature". The sender then packages the data, the message digest and the public key together. The receiver may check for tampering by computing the message digest again, then decrypting the received message digest with the public key. If the recomputed and decrypted message digests are identical, there was no tampering of the data.


"Viruses" and "worms" are computer code cleverly inserted into legitimate programs which are subsequently executed on computers. Each time the program is executed the virus or worm can cause damage to the system by destroying valuable information, and/or further infect and spread to other machines on the network. While there are subtle differences between a virus and a worm, a critical component for both is that they typically require help from an unsuspecting computer user to successfully infect a computer or a corporate network.

Infection of computers by viruses and worms is a general problem in the computer industry today.

In addition, corporate networks are vulnerable to frontal assaults, where an intruder breaks into the network and steals or destroys information. Security breaches of any kind on large corporate networks are a particularly worrisome problem, because of the potential for large-scale damage and economic loss. Moreover, security breaches are more easily accomplished when a corporate network is connected to a public network, such as the Internet. Companies take a variety of measures to guard against breaches of network security, either through frontal assaults or infections, without cutting themselves off from the benefits of being connected to a world-wide network.

The solution adopted by most companies that wish to reap the benefits of connecting to the Internet, while maintaining security, is the installation of a firewall. Firewalls generally restrict Internet file transfers and telnet connections. Such transfers and connections can only be initiated from within the corporate network, such that externally initiated file transfers and telnet connections are refused by the firewall. Firewalls allow electronic mail and network news to freely flow inside the firewall's private network. The use of corporate firewalls allows employees to readily exchange information within the corporate environment, without having to adopt extreme security measures. A good firewall implementation can defend against most of the typical frontal assaults on system security.

One method of preventing viruses and worms from infecting a corporate network is to never execute a program that may contain viruses. In general, programs legitimately deployed throughout the corporate network should be considered virus free. All binary executables, all unreviewed shell scripts, and all source code fetched from outside the firewall are software that may contain a worm or virus.

However, outside binary executables, shell scripts, and source code may enter a corporate firewall through an E-mail attachment. For example, the shell scripts that are used to make and send multiple files using E-mail and the survey tools that start up by activating the E-mail attachment may allow virus entry. Executables can also be directly fetched through the ftp program, through a world-wide web browser such as Mosaic, or from an outside contractor whose network has already been compromised.

EP 0 686 906 A2

In addition, the commercial software release and distribution process presents security and authentication problems. For example, some of the information associated with software, such as the originating company or author, restricted rights legends, and the like are not attached to the code itself. Instead, such information is provided as printed matter, and is separated from the code once the package is opened and the code installed. Even applications that attempt to identify themselves on start-up are susceptible to having the identification forged or otherwise counterfeited.

A user has no mechanism to authenticate that the software sold is actually from the manufacturer shown on the label. Unauthorized copying and the sale of software is a significant problem, and users who believe that they are buying software with a manufacturer's warranty instead purchase pirated software, with neither a warranty nor software support. The problem of authenticating the original source of the software is accentuated when software is intended to be distributed through networks, and a user's source for the software may be far removed from the original writer of the software. In addition, a user does not have the ability to verify that the software purchased contains only the original manufacturer's code. A user also does not have a method for detecting any tampering, such as the existence of a virus, that may cause undesirable effects.

All of the above problems are related to the transport of software both from manufacturers to users and from user to user. Furthermore, the transport problem is independent of the transport medium. The problem applies to all transport media, including floppy disk, magnetic tape, CD-ROM and networks.

As will be described, the present invention provides a method and apparatus for authenticating that software distributed by a manufacturer is a legitimate copy of an authorized software release, and that the software contains only the original manufacturer's code without tampering. The present invention solves the above identified problems through the use of a "software passport" which includes the digital signature of the application writer and manufacturer. As will be described, the present invention may also be used to protect intellectual property, in the form of copyrighted computer code, by utilizing cryptographic techniques referred to herein as public key encryption.



SUMMARY OF THE INVENTION

This invention provides a method and apparatus utilizing public key encryption techniques for enhancing software security and for distributing software. The present invention includes a first computer which is provided with source code to be protected using the teachings of the present invention. In addition, a software application writer's private key, along with an application writer's license, are provided to the first computer. An application writer generally means a software company such as Microsoft Corporation, Adobe or Apple Computer, Inc. The application writer's license includes identifying information such as the application writer's name as well as the application writer's public key. A compiler program executed by the first computer compiles the source code into binary code, and computes a message digest for the binary code. The first computer then encrypts the message digest using the application writer's private key, such that the encrypted message digest is defined as a digital "signature" of the application writer. A software passport is then generated which includes the application writer's digital signature, the application writer's license and the binary code. The software passport is then distributed to a user using any number of software distribution models known in the industry.

A user, upon receipt of the software passport, loads the passport into a computer which determines whether the software passport includes the application writer's license and digital signature. In the event that the software passport does not include the application writer's license, or the application writer's digital signature, then the user's computer system discards the software passport and does not execute the binary code. As an additional security step, the user's computer computes a second message digest for the software passport and compares it to the first message digest, such that if the first and second message digests are not equal, the software passport is also rejected by the user's computer and the code is not executed. If the first and second message digests are equal, the user's computer extracts the application writer's public key from the application writer's license for verification. The application writer's digital signature is decrypted using the application writer's public key. The user's computer then compares a message digest of the binary code to be executed with the decrypted application writer's digital signature, such that if they are equal, the user's computer executes the binary code. Accordingly, software products distributed with the present invention's software passport permit the user's computer to authenticate the software as created by an authorized application writer who has been issued a valid application writer's license. Any unauthorized changes to the binary code comprising the distributed software are evident through the comparison of the calculated and encrypted message digests.

The present invention is also described with reference to an embodiment used by computing platforms designed to execute only authorized software. A platform builder provides an application writer with a platform builder's digital signature which is included in the application writer's license. The first computer compiles the software into binary code and computes a first message digest for the binary code. The first computer further encrypts the first message digest using the application writer's private key, such that the encrypted first message digest is defined as the application writer's digital signature. A software passport is generated which includes the application writer's digital signature, the application writer's license and the binary code. The software passport is then distributed to a user through existing software distribution channels. The user's computing platform, which may be a computer, a video game box or a set-top box, is provided with the platform builder's public key. Upon receipt of the software passport, the computing platform determines if the software passport includes an application writer's license. If it does not, the hardware platform rejects the execution of the code. If a software passport is present, the hardware platform extracts the application writer's license from the passport and determines whether or not the passport includes the platform builder's signature. The platform builder's signature is then decrypted using the public key provided in the platform. The computing platform recomputes the message digest of the application writer's license, and compares the received message digest with the recomputed message digest, such that if the digests are not equal, the software passport is not considered genuine and is rejected. If the message digests are equal, the hardware platform extracts the application writer's public key from the application writer's license, and extracts the application writer's digital signature. The hardware platform then recomputes the message digest of the binary code comprising the application software to be executed, and decrypts the application writer's digital signature using the application writer's public key. The hardware platform then compares the recomputed message digest for the binary code with the application writer's decrypted signature, such that if they are equal, the binary code is executed by the hardware platform. If the recomputed message digest and the application writer's decrypted signature are not equal, the software passport is rejected and the code is not executed.
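As an added illustration (not code from the patent), the following Go program implements the verification chain the summary describes for both embodiments: the platform first checks the issuer's signature on the application writer's license with the one public key it trusts in advance (the SPA's, or the platform builder's key embedded in the set-top box), and only then uses the writer's public key taken from that verified license to check the signature on the binary code. It also exercises the two rejection cases the summary names (altered binary code, and a writer holding no valid license). PKCS#1 v1.5 RSA signatures over SHA-256 stand in for "encrypting the message digest with the private key" and for the MD-family digests the patent mentions; the writer names, dates, product names and binary image are constructed values.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"fmt"
)

// License holds the fields the patent lists for an application writer's license.
type License struct {
	WriterName, Issued, Expires, Issuer string
	WriterPub                           *rsa.PublicKey // writer's public key, bound to the name by IssuerSig
	IssuerSig                           []byte         // issuing authority's signature over the other fields
}

// Passport is the software passport: product name, binary code, writer's license and writer's signature.
type Passport struct {
	Product   string
	Code      []byte
	License   *License
	WriterSig []byte
}

// licenseDigest is the message digest of the license fields that the issuing
// authority (SPA or platform builder) encrypts with its private key.
func licenseDigest(l License) []byte {
	h := sha256.New()
	for _, f := range []string{l.WriterName, l.Issued, l.Expires, l.Issuer} {
		h.Write(append([]byte(f), 0)) // NUL-terminated so field boundaries cannot shift
	}
	h.Write(x509.MarshalPKCS1PublicKey(l.WriterPub))
	return h.Sum(nil)
}

// IssueLicense is the issuing authority's step: it signs the license, binding the
// writer's name to the writer's public key. The validity dates are constructed.
func IssueLicense(issuer string, issuerKey *rsa.PrivateKey, writer string, writerPub *rsa.PublicKey) (License, error) {
	l := License{WriterName: writer, Issued: "1994-06-01", Expires: "1999-06-01", Issuer: issuer, WriterPub: writerPub}
	sig, err := rsa.SignPKCS1v15(rand.Reader, issuerKey, crypto.SHA256, licenseDigest(l))
	l.IssuerSig = sig
	return l, err
}

// BuildPassport is the compiler step of Figure 4: digest the binary code, sign the
// digest with the writer's private key, and embed code, license and signature.
func BuildPassport(product string, code []byte, writerKey *rsa.PrivateKey, lic License) (Passport, error) {
	d := sha256.Sum256(code)
	sig, err := rsa.SignPKCS1v15(rand.Reader, writerKey, crypto.SHA256, d[:])
	return Passport{Product: product, Code: code, License: &lic, WriterSig: sig}, err
}

// VerifyPassport is the user's platform check. issuerPub is the only key trusted in advance
// (the SPA's, or the platform builder's key embedded in a set-top box); any error means no execution.
func VerifyPassport(p Passport, issuerPub *rsa.PublicKey) error {
	if p.License == nil || len(p.WriterSig) == 0 || issuerPub == nil {
		return fmt.Errorf("passport lacks a license or a writer's signature, or no trusted issuer key")
	}
	if err := rsa.VerifyPKCS1v15(issuerPub, crypto.SHA256, licenseDigest(*p.License), p.License.IssuerSig); err != nil {
		return fmt.Errorf("license not signed by the trusted issuer: %w", err)
	}
	d := sha256.Sum256(p.Code) // recompute the digest of the code actually received
	if err := rsa.VerifyPKCS1v15(p.License.WriterPub, crypto.SHA256, d[:], p.WriterSig); err != nil {
		return fmt.Errorf("code digest does not match the writer's signature: %w", err)
	}
	return nil
}

// Demo runs the scenario with fresh keys and a constructed "binary": the genuine passport must
// verify, while altered code and a writer without an SPA-issued license must both be rejected.
func Demo() (genuineOK, tamperRejected, unlicensedRejected bool, err error) {
	keys := make([]*rsa.PrivateKey, 3) // SPA, licensed writer, unlicensed writer
	for i := range keys {
		if keys[i], err = rsa.GenerateKey(rand.Reader, 2048); err != nil {
			return
		}
	}
	spaKey, writerKey, rogueKey := keys[0], keys[1], keys[2]
	lic, err := IssueLicense("SPA", spaKey, "Example Software Co.", &writerKey.PublicKey)
	if err != nil {
		return
	}
	code := []byte("\x7fELF constructed binary image, not a real executable")
	pp, err := BuildPassport("ExampleApp 1.0", code, writerKey, lic)
	if err != nil {
		return
	}
	genuineOK = VerifyPassport(pp, &spaKey.PublicKey) == nil
	// One altered byte, as an inserted virus would alter the code: the recomputed digest no longer matches.
	tampered := Passport{Code: append([]byte{code[0] ^ 0xff}, code[1:]...), License: pp.License, WriterSig: pp.WriterSig}
	tamperRejected = VerifyPassport(tampered, &spaKey.PublicKey) != nil
	// The unlicensed writer signs its own license: the chain back to the SPA's key breaks.
	rogueLic, _ := IssueLicense("SPA", rogueKey, "Rogue Writer", &rogueKey.PublicKey)
	rogue, _ := BuildPassport("RogueApp 1.0", code, rogueKey, rogueLic)
	unlicensedRejected = VerifyPassport(rogue, &spaKey.PublicKey) != nil
	return
}
```

For the platform builder embodiment, the platform builder's key pair simply takes the SPA's place as the issuer and its public key is the one compiled into the device.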



BRIEF DESCRIPTION OF THE DRAWINGS

Figure 1 illustrates a data processing system incorporating the teachings of the present invention.

Figure 2 conceptually illustrates use of the present invention's software passport where the application code and the software passport are provided in separate files.

Figure 3 conceptually illustrates the present invention's use of the software passport where the application code and the software passport are distributed in the same file.

Figure 4 diagrammatically illustrates the present invention's process for generating a software passport.

Figure 5 diagrammatically illustrates the use of the present invention for platform producer licensing.

Figures 6a and 6b are flowcharts illustrating the steps executed by the present invention for verifying that a valid software license exists, and that the software writer's ("SW's") signature is valid, prior to permitting the execution of a computer program.

Notation and Nomenclature

The detailed descriptions which follow are presented largely in terms of symbolic representations of operations of data processing devices. These process descriptions and representations are the means used by those skilled in the data processing arts to most effectively convey the substance of their work to others skilled in the art.

An algorithm is here, and generally, conceived to be a self-consistent sequence of steps leading to a desired result. These steps are those requiring physical manipulations of physical quantities. Usually, though not necessarily, these quantities may take the form of electrical or magnetic signals capable of being stored, transferred, combined, compared, displayed and otherwise manipulated. It proves convenient at times, principally for reasons of common usage, to refer to these signals as bits, values, messages, names, elements, symbols, operations, messages, terms, numbers, or the like. It should be borne in mind, however, that all of these similar terms are to be associated with the appropriate physical quantities and are merely convenient labels applied to these quantities.

In the present invention, the operations referred to are machine operations. Useful machines for performing the operations of the present invention include general purpose digital computers or other similar devices. In all cases, the reader is advised to keep in mind the distinction between the method operations of operating a computer and the method of computation itself. The present invention relates to method steps for operating a computer, coupled to a series of networks, and processing electrical or other physical signals to generate other desired physical signals.

The present invention also relates to apparatus for performing these operations. This apparatus may be specially constructed for the required purposes or it may comprise a general purpose computer selectively activated or reconfigured by a computer program stored in the computer. The method process steps presented herein are not inherently related to any particular computer or other apparatus. Various general purpose machines may be used with programs in accordance with the teachings herein, or it may prove more convenient to construct specialized apparatus to perform the required method steps. The required structure for a variety of these machines will be apparent from the description given below.

Detailed Description of the Invention

In the following description, numerous specific details are set forth such as system configurations, representative data, computer code organization, encryption methods, and devices, etc., to provide a thorough understanding of the present invention. However, it will be apparent to one skilled in the art that the present invention may be practiced without these specific details. In other instances, well known circuits and structures are not described in detail in order to not obscure the present invention. Moreover, certain terms such as "knows", "verifies", "compares", "examines", "utilizes", "finds", "determines", "challenges", "authenticates", etc., are used in this Specification and are considered to be terms of art. The use of these terms, which to a casual reader may be considered personifications of computer or electronic systems, refers to the functions of the system as having human-like attributes, for simplicity. For example, a reference herein to an electronic system as "determining" something is simply a shorthand method of describing that the electronic system has been programmed or otherwise modified in accordance with the teachings herein. The reader is cautioned not to confuse the functions described with everyday human attributes. These functions are machine functions in every sense.

Exemplary Hardware

Figure 1 illustrates a data processing system in accordance with the teachings of the present invention. Shown is a computer 10, which comprises three major components. The first of these is an input/output (I/O) circuit 12 which is used to communicate information in appropriately structured form to and from other portions of the computer 10. In addition, computer 10 includes a central processing unit (CPU) 13 coupled to the I/O circuit 12 and a memory 14. These elements are those typically found in most general purpose computers and, in fact, computer 10 is intended to be representative of a broad category of data processing devices. Also, the computer 10 may be coupled to a network, in accordance with the teachings herein. The computer 10 may further include encrypting and decrypting circuitry incorporating the present invention, or as will be appreciated, the present invention may be implemented in software executed by computer 10. A raster display monitor 16 is shown coupled to the I/O circuit 12 and is used to display images generated by CPU 13 in accordance with the present invention. Any well known variety of cathode ray tube (CRT) or other type of display may be utilized as display 16.

The present invention's software passport identifies a portion of software, or some machine code (hereinafter "code"), in a manner similar to how a physical passport identifies a person. The concept is similar to the real-life passport system which forms the basis of a trust model among different nations. Physical passports enable border entry officers to identify each individual and make certain decisions based on his or her passport. As will be described below, a software passport is a modern release process for distributing software products. A software passport gives a software product an identity and a brand name. The software passport provides the basis of a trust model and allows computer users to identify and determine the genuineness of a software product based on the information contained in its passport.

Referring now to Figure 2, the present invention is illustrated in conceptual form for the case where the computer code (comprising a piece of software) and the software passport are in separate files. Figure 3 illustrates the use of the present invention where the computer code comprising a piece of software and the software passport are in the same file.

As illustrated in Figures 2 and 3, the information included in the present invention's software passport may include:

product information, such as the software product's name and any other relevant information to the specific product;

company information including the name of the company or the software application writer who has produced the product;

a validity date which includes the issue date of the software passport and the expiration date of the passport;

a restricted rights legend including copyright notices and other similar legends;

the software code body including executable application code distributed to the user;

an application writer's license; and,

a software application writer's digital signature.

It will be appreciated that the components of a software passport are generally self-explanatory, with the application writer's license and digital signature explained in more detail below.

SOFTWARE PRODUCER'S DIGITAL SIGNATURE

A digital "signature" is produced by using certain cryptographic techniques of computing a message digest of a piece of software code (hereinafter "code"), and encrypting the message digest using the signer's private key. There are many known message digest algorithms, such as the MD2, MD4, and MD5 algorithms published by RSA, Inc. The use of private cryptographic techniques makes this signature very difficult to forge since the signer keeps the private key secret. The reader is referred to the papers by Whitfield Diffie, "The First Ten Years of Public Key Cryptography", Vol. 76, No. 5 (IEEE Proceedings, May 1988); and Whitfield Diffie, et al., "Authentication and Authenticated Key Exchanges" (1992 Kluwer Academic Publishers), incorporated herein by reference, for a detailed description of the operation of Diffie-Hellman certificates and public key cryptography.

One may conceptualize the computing of the message digest for a piece of code as a mechanism of taking a photo snapshot of the software. When the code changes, its message digest reflects any differences. In the system of the present invention, this "digital signature" is stamped on the product prior to its release. The digital signature associates a product with the entity that has produced it, and enables consumers to evaluate the quality of a product based on the reputation of the producer. The signature also permits a consumer to distinguish the genuineness of a product.

SOFTWARE PRODUCER'S LICENSE

The present invention's software producer's license (at times referred to herein as the "application writer's license") is an identification similar to the home repair contractor's license issued by a state. A software producer's license identifies and certifies that the producer is authorized to perform certain software production activities. It is contemplated that the software producer's license will be issued by some commonly-trusted authority established by the computer software industry. Before issuing a license to a software producer, this authority performs a defined process to authenticate the person or company, and to verify their job skill, as a state does before issuing a contractor's license. For convenience, in this Specification, this commonly-trusted entity is referred to as the Software Publishing Authority ("SPA").

A software producer's license contains the following information:

the producer's name;
the license's issue date;
the license's expiration date;
the producer's public key;
the name of the issuing authority, SPA; and
the SPA's digital signature.

A software producer's license associates an application writer with a name and a public key. It enables a software producer to produce multiple products, and to sign every product produced. The public key embedded in a license belongs to the person who owns the license. This public key can later be used by any third party to verify the producer's digital signature. A user who has purchased a product can determine the genuineness of a product by using the public key embedded in the producer's identification to authenticate the digital signature.

The SPA's digital signature is generated by computing the message digest of the producer's identification and encrypting the message digest using the SPA's private key. Since the SPA's private key is kept private to the SPA, third parties are not able to easily forge the SPA's signature to produce a fake identification.

In accordance with the teachings of the present invention, a software application writer ("SW") supplies three major pieces of information to a compiler prior to compilation of the code:

the source code written by the application writer;

the application writer's private key; and

the application writer's license.

The code included in a passport may comprise source code in various computer languages, assembly code, machine binary code, or data. The code may be stored in various formats. For example, a piece of source code may be stored in a clear text form in the passport. A portion of binary executable machine code may also be stored in a compacted format in the passport, using certain well known compaction algorithms such as Huffman encoding. The format used in a particular implementation is indicated by a flag in the passport.

Binary executable code may further be stored in a printable-character set format to allow the passport to be printed. A user would then reverse the printable format to recover the software. Moreover, code protected by intellectual property, such as copyright or patent, may be stored in an encrypted format in the passport. In such case, it is contemplated that a user may be required to pay a license fee prior to gaining access to the software.

Referring now to Figure 4, to generate the software passport of the present invention, the original source code 20, the application writer's private key 22, and the application writer's license 24 are provided to a compiler 26. As illustrated, the application writer's license 24 includes the writer's name 30, the writer's public key 32 and a validity date 34.

The compiler 26 then compiles the source code 20 into binary code. The compiler 26 further computes the message digest of the binary code, and encrypts the message digest using the private key 22 supplied by the application writer. This encrypted message digest constitutes the application writer's signature.

A digital signature of the application writer is produced and embedded in the passport. The compiler 26 also embeds the application writer's license 24 in the passport. The application writer's license 24 allows any user who has purchased the product to recognize the maker of the product. The application writer's digital signature in the passport allows any user to verify the genuineness of the product. The SPA's digital signature in the application writer's license 24 provides the user with the ability to verify that an application writer is a licensed application writer by using the SPA's public key to encrypt the signature.

As shown in Figure 4, the generated software passport 38, including the application code, is then distributed using any desired software distribution model. The passport 38 is received by a user and is executed using an operating system (OS) running on a computer system ("platform") such as the system of Figure 1.

Referring now to Figure 5, the use of the present invention by platform builders will be described. In the electronic game industry and the interactive television cable set-top box industry, platform producers often desire to allow only authorized code to be executed on their particular platform. To be able to control the accessibility of a platform, the received code must be identifiable and the platform must be able to identify the software when it arrives. As illustrated in Figure 5, the present invention may be applied in a platform producer licensing scheme with particular application for use in set-top box and video game environments.

Referring now to Figures 6a and 6b, a plat-
form producer may issue a "programmer's license" 
to a set of application writers (alternatively referred 
to as "software writers") who are authorized to 
write application code for a particular platform. A 
programmer's license issued by a platform pro-
ducer is similar to the programmer's identification 
issued by the SPA, except that the license is 
digitally signed by the platform producer instead of 
by the SPA. The programmer's license contains 
the following information: 

the producer's name; 
the license issue date; 
the license expiration date; 
the producer's public key; 
the issuing authority (the platform producer); and 
the platform producer's digital signature. 

The platform producer's digital signature is 
generated by computing the message digest of the 
license, and encrypting the message digest using 
the platform producer's private key. 

The software produced by a licensed applica-
tion writer will include a valid passport 50 (see 
Figures 5 and 6a) which contains a genuine writ-
er's digital signature, and a valid application writ-
er's license 52 issued by the platform builder. Any 
application writer who is not authorized by the 
platform builder will not possess a valid license. 
Therefore, the software passport generated by an 
unauthorized person will either have no valid li-
cense or no valid signature. 

The public key 54 of the platform builder is 
embedded in the platform (e.g., video game) for 
the verification process. At execution time, the plat-
form extracts the public key 54 embedded in the 
system to verify that a passport contains a valid 
application writer's license 52. The digital signature 
in the application writer's license is generated by 
computing the message digest of the license 52 
and encrypting the message digest using the plat-
form builder's private key. The system of the 
present invention can thus recover the original 
message digest by decrypting the signature using 
the platform builder's public key 54. The verifica-
tion process of the application writer's license may 
be accomplished by: 

1. recomputing the message digest of the ap-
plication license 52 in the passport 50, 
2. recovering the original message digest, and 
3. comparing the old digest with the newly com-
puted digest. 

The passport 50 contains a valid application 
writer's license if the two message digests are the 
same. Otherwise the license is not valid. The ver- 
ification process of the present invention is illus- 
trated in the flow chart of Figure 6(a). 

It will be appreciated that even if the passport 
50 does contain a valid application writer's license, 
the application writer might have stolen the license 
by copying it from some other authorized writer's 
passport. In this case, the unauthorized writer 
would not have a correct private key 58 to forge 
the signature of the authorized writer. It is con-
templated that the system will further verify the 
signature of the application writer 60. It will be 
recalled that the application writer's digital signa-
ture in the passport was generated by computing 
the message digest of the passport and encrypting 
the message digest using the application writer's 
private key 58. The original message digest may 
be recovered by decrypting the signature using the 
writer's public key 62 embedded in the application 
writer's license 52, which is embedded in the pass-
port 50. The application writer's digital signature 
may then be verified by: 

1. recomputing the message digest of the pass-
port 50, 
2. recovering the original message digest, and 
3. comparing the old digest with the new digest. 

The signature is valid if the two message di-
gests are the same. Otherwise the passport is not 
valid and the platform will reject the execution of 
the software. The steps executed by the present 
invention to verify the application writer's digital 
signature are illustrated in the flow chart of Figure 5-
(b). 
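The two checks just described (the license check of Figure 6(a) and the writer's signature check of Figure 6(b)), together with the passport generation of Figure 4, as an added Go example that is not part of the patent: it uses RSA PKCS#1 v1.5 signatures over SHA-256 digests from Go's standard library in place of the patent's unspecified digest and cipher, and the License and Passport field layout and the licenseDigest encoding are this example's own assumptions.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// License mirrors the application writer's license 52 of Figure 5 (hypothetical encoding).
type License struct {
	WriterName string
	WriterPub  *rsa.PublicKey
	BuilderSig []byte // platform builder's signature over name and key
}

// Passport mirrors the software passport 50: license, writer's signature, code body.
type Passport struct {
	License   *License
	WriterSig []byte
	Code      []byte
}

// licenseDigest is the message digest of the license fields the platform builder signs.
func licenseDigest(name string, pub *rsa.PublicKey) []byte {
	h := sha256.Sum256([]byte(fmt.Sprintf("%s|%d|%x", name, pub.E, pub.N)))
	return h[:]
}

// IssueLicense is the platform builder licensing an application writer.
func IssueLicense(builder *rsa.PrivateKey, name string, writerPub *rsa.PublicKey) (*License, error) {
	sig, err := rsa.SignPKCS1v15(rand.Reader, builder, crypto.SHA256, licenseDigest(name, writerPub))
	if err != nil {
		return nil, err
	}
	return &License{WriterName: name, WriterPub: writerPub, BuilderSig: sig}, nil
}

// MakePassport is the compiler step of Figure 4: digest the code body and sign it with the writer's private key.
func MakePassport(writer *rsa.PrivateKey, l *License, code []byte) (*Passport, error) {
	h := sha256.Sum256(code)
	sig, err := rsa.SignPKCS1v15(rand.Reader, writer, crypto.SHA256, h[:])
	if err != nil {
		return nil, err
	}
	return &Passport{License: l, WriterSig: sig, Code: code}, nil
}

// Verify is the platform's check of Figures 6(a) and 6(b); builderPub is the
// public key 54 embedded in the platform. A nil result means the code may run.
func Verify(builderPub *rsa.PublicKey, p *Passport) error {
	if p == nil || p.License == nil || p.License.WriterPub == nil || len(p.WriterSig) == 0 {
		return fmt.Errorf("reject: passport lacks license or signature")
	}
	// 6(a): recompute the license digest and check it against the digest
	// recovered from the platform builder's signature.
	ld := licenseDigest(p.License.WriterName, p.License.WriterPub)
	if rsa.VerifyPKCS1v15(builderPub, crypto.SHA256, ld, p.License.BuilderSig) != nil {
		return fmt.Errorf("reject: license not genuine")
	}
	// 6(b): same check for the writer's signature over the code body, using the
	// public key from the now-trusted license; a copied license fails here.
	h := sha256.Sum256(p.Code)
	if rsa.VerifyPKCS1v15(p.License.WriterPub, crypto.SHA256, h[:], p.WriterSig) != nil {
		return fmt.Errorf("reject: writer's signature does not match code body")
	}
	return nil
}
```

Verify rejects a passport with no license, a license not signed by the platform builder, and a license copied from another writer's passport and used with a different private key, which is the stolen-license case described above.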

It will be further noted that the security scheme 
of the present invention may be used to protect 
inventions and authorship protected by intellectual 
property, such as copyrights and patents. The one 
additional procedure that is added to protect in-
tellectual property is that the compiler (e.g. a com-
piler 68 shown in Figure 5) generates encrypted 
byte codes. When a user attempts to run the code 
on the platform operating system ("OS") the ver-
ification procedures are followed as described 
above with reference to Figures 6(a) and 6(b). 
However, with the code encrypted, the operating 
system requires an additional approval before it is 
permitted to run the code. A cryptographic key is 
required which essentially results in an IP license 
to run the code. After authenticating the code, the 
operating system requests the IP license. The op-
erating system verifies that the IP license is signed 
by the person who authored the code, and then 
proceeds to decrypt and execute the code. A fur-
ther feature of the present invention is that third 
parties do not have the ability to inspect the code 
since it is encrypted. 

Accordingly, the present invention has dis-
closed a method and apparatus for enhancing soft-
ware security. Although the present invention has 
been described with reference to Figures 1-6, it 
will be apparent that many alternatives, modifica-
tions and variations may be made in light of the 
foregoing description. 

Claims 

1. A method for enhancing software security, 
comprising the steps of: 

providing a first computer; 

providing a private key; 

providing an application writer's license 
which contains a public key; 

providing software; 

providing said first private key, said ap-
plication writer's license and said software to a 
compiler executed by said first computer, said 
compiler compiling said software into binary 
code and computing a message digest for said 
binary code; 

said first computer further encrypting said 
message digest using said private key, said 
encrypted message digest comprising an ap-
plication writer's digital signature; 

said first computer generating a software 
passport comprising said application writer's 
digital signature and said application writer's 
license; 

providing an element for performing the 
step of distributing said software passport and 
said binary code to a user. 

2. The method as defined by Claim 1 further 
including the step by said user of receiving 
said software passport and executing said bi-
nary code on a second computer in conjunc-
tion with an operating system. 

3. The method as defined by Claim 2 wherein 
said license includes a name of an author of 
said software. 

4. The method as defined by Claim 3 wherein 
said license further includes a public key for 
said author. 

5. The method as defined by Claim 4 wherein 
said license includes a validity date for said 
software. 

6. The method as defined by Claim 3 wherein 
said license further includes a digital signature 
for a Software Publishing Authority ("SPA"). 

7. A method for enhancing software security, 
comprising the steps of: 

providing a first computer; 

providing an application writer's private 
key; 

providing an application writer's license in-
cluding an application writer's public key and a 
platform builder's digital signature; 

providing software; 

providing said application writer's private 
key, said application writer's license and said 
software to a compiler executed by said first 
computer, said compiler compiling said soft-
ware into binary code and computing a first 
message digest for said binary code; 

said first computer further encrypting said 
first message digest using said application 
writer's private key, said encrypted first mes-
sage digest comprising an application writer's 
digital signature; 

said first computer generating a software 
passport comprising said application writer's 
digital signature, said application writer's li-
cense and said binary code; 

providing an element for performing the 
step of distributing said software passport to a 
second computer. 

8. The method as defined by Claim 7 further 
including the steps of: 

said second computer receiving said soft-
ware passport; 

said second computer determining if said 
software passport includes said application 
writer's license, such that if said software pass-
port does not include said application writer's 
license said second computer rejects said soft-
ware passport. 

9. The method as defined by Claim 8 further 
including the step of extracting said application 
writer's license from said software passport. 

10. The method as defined by Claim 9 further 
including the step of determining if said ap-
plication writer's license includes said platform 
builder's digital signature, such that if said 
platform builder's digital signature is not in-
cluded said software passport is rejected by 
said second computer. 

11. The method as defined by Claim 10 further 
including the step of decrypting said platform 
builder's digital signature using a platform 
builder's public key provided to said second 
computer. 

12. The method as defined by Claim 11 further 
including the step of said second computer 
computing a second message digest of said 
software passport and comparing said first 
message digest to said second message di-
gest, such that if said first and second mes-
sage digest are not equal said software pass-
port is rejected by said second computer. 

13. The method as defined by Claim 12 further 
including the step that if said first and second 
message digests are equal said second com-
puter extracts said application writer's public 
key from said application writer's license. 

14. The method as defined by Claim 13 further 
including the step of said second computer 
extracting said binary code from said software 
passport. 

15. The method as defined by Claim 14 further 
including the step of said second computer 
extracting said application writer's digital signa- 
ture from said software passport. 

16. The method as defined by Claim 15 further 
including the step of said second computer 
computing a message digest of said binary 
code. 

17. The method as defined by Claim 16 further 
including the step of said second computer 
decrypting said application writer's digital sig- 
nature using said application writer's public 
key. 

18. The method as defined by Claim 17 further 
including the step of said second computer 
comparing said message digest of said binary 
code with said decrypted application writer's 
digital signature, such that if said message 
digest of said binary code and said decrypted 
application writer's signature are equal, said 
second computer executes said binary code. 

19. A system for enhancing software security, 
comprising: 

a first computer; 

a private key; 

an application writer's license; 

software; 

a compiler executed by said first com-
puter, said compiler compiling said software 
into binary code and computing a message 
digest for said binary code; 

said first computer further encrypting said 
message digest using said private key, said 
encrypted message digest comprising an ap-
plication writer's digital signature; 

said first computer generating a software 
passport comprising said application writer's 
digital signature and said application writer's 
license; 

an element for distributing said software 
passport and said binary code to a user. 

20. The system as defined by Claim 19 wherein 
said user receives said software passport and 
executes said binary code on a second com- 
puter in conjunction with an operating system. 

21. The system as defined by Claim 20 wherein 
said license includes a name of an author of 
said software. 

22. The system as defined by Claim 21 wherein 
said license further includes a public key for 
said author. 

23. A system for enhancing software security, 
comprising: 

a first computer; 

an application writer's private key; 

an application writer's license including an 
application writer's public key and a platform 
builder's digital signature; 

software; 

a compiler executed by said first com-
puter, said compiler compiling said software 
into binary code and computing a first mes-
sage digest for said binary code; 

said compiler further encrypting said first 
message digest using said application writer's 
private key, said encrypted first message di-
gest comprising an application writer's digital 
signature; 

said first computer generating a software 
passport comprising said application writer's 
digital signature, said application writer's li-
cense and said binary code; 

an element for distributing said software 
passport to a second computer. 

24. The system as defined by Claim 23 wherein 
said second computer receives said software 
passport and determines if said software pass- 
port includes said application writer's license, 
such that if said software passport does not 
include said application writer's license said 
second computer rejects said software pass- 
port. 

25. The system as defined by Claim 24 wherein 
said second computer extracts said application 
writer's license from said software passport. 

26. The system as defined by Claim 25 wherein 
said second computer determines if said ap-
plication writer's license includes said platform 
builder's digital signature, such that if said 
platform builder's digital signature is not in-
cluded said software passport is rejected by 
said second computer. 

27. The system as defined by Claim 26 wherein 
said second computer decrypts said platform 
builder's digital signature using a platform 
builder's public key provided to said second 
computer. 

28. The system as defined by Claim 27 wherein 
said second computer computes a second 
message digest of said software passport and 
compares said first message digest to said 
second message digest, such that if said first 
and second message digest are not equal said 
software passport is rejected by said second 
computer. 

29. The system as defined by Claim 28 wherein if 
said first and second message digests are 
equal said second computer extracts said ap-
plication writer's public key from said applica-
tion writer's license. 

30. The system as defined by Claim 29 wherein 
said second computer extracts said binary 
code from said software passport. 

31. The system as defined by Claim 30 wherein 
said second computer extracts said application 
writer's digital signature from said software 
passport. 

32. The system as defined by Claim 31 wherein 
said second computer computes a message 
digest of said binary code. 

33. The system as defined by Claim 32 wherein 
said second computer decrypts said applica-
tion writer's digital signature using said ap-
plication writer's public key. 

34. The system as defined by Claim 33 wherein 
said second computer compares said message 
digest of said binary code with said decrypted 
application writer's digital signature, such that 
if said message digest of said binary code and 
said decrypted application writer's signature 
are equal, said second computer executes said 
binary code. 



EP 0 686 906 A2 

[FIG. 1: block diagram of the computer system of Figure 1 (CPU, memory, I/O); further detail is not recoverable from the scan.] 

[FIG. 4: source code 20, private key 22 and application writer's license 24 (app writer's name 30, app writer's public key 32, validity date 34) are supplied to compiler 26, which produces passport 38 containing the code and the license; the passport reaches the OS on the platform through any distribution channel.] 

[FIG. 2 and FIG. 3: layout of the software passport: product info, company info, validity date, restricted rights legend, app writer's name, app writer's public key, identification authority (the platform builder), platform builder's signature, app writer's signature, code body.] 

[FIG. 5: passport 50 containing the code and the application writer's license 52 (app writer's name, app writer's public key 62, validity date, platform builder's signature), loaded on the OS of a platform holding the platform builder's public key 54.] 

[FIG. 6(a), license verification flow chart: hardware platform with public key in register; attempt to load software; if the software has no passport, reject software; otherwise extract license from software passport, decrypt issuer's signature using public key in register, recompute message digest of license; if the message digests are not equal, reject software passport (SW license not genuine).] 

[FIG. 6(b), signature verification flow chart: extract SW's public key from application writer's license; extract code body from the passport; extract SW's signature; recompute message digest of the code body; decrypt SW's signature using SW's public key; compare recomputed message digest with SW's decrypted signature; on mismatch reject software passport, otherwise execute code. Legend: MD = message digest, SW = software (application) writer.] 



(19) Europäisches Patentamt / European Patent Office / Office européen des brevets 

(11) EP 0 686 906 A3 

(12) EUROPEAN PATENT APPLICATION 

(88) Date of publication A3: 06.08.1997 Bulletin 1997/32 

(43) Date of publication A2: 13.12.1995 Bulletin 1995/50 

(51) Int. Cl.6: G06F 1/00, H04L 9/32 

(21) Application number: 95303720.7 

(22) Date of filing: 31.05.1995 

(30) Priority: 10.06.1994 US 258244 

(84) Designated Contracting States: DE FR GB NL SE 

(71) Applicant: SUN MICROSYSTEMS, INC., Mountain View, CA 94043 (US) 

(72) Inventors: Chang, Sheue-Ling, Cupertino, California 95014 (US); Gosling, James, Woodside, California 95014 (US) 

(74) Representative: Wombwell, Francis et al, Potts, Kerr & Co., 15, Hamilton Square, Birkenhead Merseyside L41 6BR (GB) 

(54) Method and apparatus for enhancing software security and distributing software 



(57) Source code to be protected, a software appli-
cation writer's private key, along with an application 
writer's license, are provided to the first computer. The appli-
cation writer's license includes identifying information 
such as the application writer's name as well as the 
application writer's public key. A compiler program exe- 
cuted by the first computer compiles the source code 
into binary code, and computes a message digest for 
the binary code. The first computer then encrypts the 
message digest using the application writer's private 
key, such that the encrypted message digest is defined 
as a digital "signature" of the application writer. A soft- 
ware passport is then generated which includes the 
application writer's digital signature, the application 
writer's license and the binary code. The software pass- 
port is then distributed to a user using any number of 
software distribution models known in the industry. A 
user, upon receipt of the software passport, loads the 
passport into a computer which determines whether the 
software passport includes the application writer's 
license and digital signature. In the event that the soft- 
ware passport does not include the application writer's 
license, or the application writer's digital signature, then 
the user's computer system discards the software pass- 
port and does not execute the binary code. As an addi- 
tional security step, the user's computer computes a 
second message digest for the software passport and 
compares it to the first message digest, such that if the 
first and second message digests are not equal, the 
software passport is also rejected by the user's compu- 
ter and the code is not executed. If the first and second 
message digests are equal, the user's computer 
extracts the application writer's public key from the 
application writer's license for verification. The applica- 
tion writer's digital signature is decrypted using the 
application writer's public key. The user's computer then 
compares a message digest of the binary code to be 
executed, with the decrypted application writer's digital 
signature, such that if they are equal, the user's compu- 
ter executes the binary code. 